App Protection Policy Required Conditional Access remediation and Graph API scope (Calendars.Read) #430
-
|
Hello, We have an Azure AD application that we created to allow our mobile application to enroll and be protected by Intune. Part of the functionality we would also like to be able to use is the Calendars.Read so we added that to our Azure AD application. Now we also are supporting the "Require App Protection Policy" Conditional Access Remediation flow and adding the "protapp" capability which all works fine. We can enroll in Intune and receive the compliance. But we are struggling to figure out once that is done how do we get an Access Token that has the Calendars.Read permission - we can't do it Interactively because that fires off MS Authenticator which is not an Intune App Protected application....so we seem to loop into the remediation flow. And when we tried silently, we get a 50002 which I believe means a token with that scope is not cached anywhere. Looking for guidance - thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
This is discussed in #431 |
Beta Was this translation helpful? Give feedback.
This is discussed in #431